Dig stands for domain information groper.
Using dig command you can query DNS name servers for your DNS lookup related tasks. This article explains 10 examples on how to use dig command.
1. Simple dig Command Usage (Understand dig Output)
When you pass a domain name to the dig command, by default it displays the A record (the ip-address of the site that is queried) as shown below.
In this example, it displays the A record of redhat.com in the “ANSWER SECTION” of the dig command output.
$ dig redhat.com ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62863 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 3 ;; QUESTION SECTION: ;redhat.com. IN A ;; ANSWER SECTION: redhat.com. 37 IN A 209.132.183.81 ;; AUTHORITY SECTION: redhat.com. 73 IN NS ns4.redhat.com. redhat.com. 73 IN NS ns3.redhat.com. redhat.com. 73 IN NS ns2.redhat.com. redhat.com. 73 IN NS ns1.redhat.com. ;; ADDITIONAL SECTION: ns1.redhat.com. 73 IN A 209.132.186.218 ns2.redhat.com. 73 IN A 209.132.183.2 ns3.redhat.com. 73 IN A 209.132.176.100 ;; Query time: 13 msec ;; SERVER: 209.144.50.138#53(209.144.50.138) ;; WHEN: Thu Jan 12 10:09:49 2012 ;; MSG SIZE rcvd: 164
The dig command output has the following sections:
- Header: This displays the dig command version number, the global options used by the dig command, and few additional header information.
- QUESTION SECTION: This displays the question it asked the DNS. i.e This is your input. Since we said ‘dig redhat.com’, and the default type dig command uses is A record, it indicates in this section that we asked for the A record of the redhat.com website
- ANSWER SECTION: This displays the answer it receives from the DNS. i.e This is your output. This displays the A record of redhat.com
- AUTHORITY SECTION: This displays the DNS name server that has the authority to respond to this query. Basically this displays available name servers of redhat.com
- ADDITIONAL SECTION: This displays the ip address of the name servers listed in the AUTHORITY SECTION.
- Stats section at the bottom displays few dig command statistics including how much time it took to execute this query
2. Display Only the ANSWER SECTION of the Dig command Output
For most part, all you need to look at is the “ANSWER SECTION” of the dig command. So, we can turn off all other sections as shown below.
- +nocomments – Turn off the comment lines
- +noauthority – Turn off the authority section
- +noadditional – Turn off the additional section
- +nostats – Turn off the stats section
- +noanswer – Turn off the answer section (Of course, you wouldn’t want to turn off the answer section)
The following dig command displays only the ANSWER SECTION.
$ dig redhat.com +nocomments +noquestion +noauthority +noadditional +nostats ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com +nocomments +noquestion +noauthority +noadditional +nostats ;; global options: +cmd redhat.com. 9 IN A 209.132.183.81
Instead of disabling all the sections that we don’t want one by one, we can disable all sections using +noall (this turns off answer section also), and add the +answer which will show only the answer section.
The above command can also be written in a short form as shown below, which displays only the ANSWER SECTION.
$ dig redhat.com +noall +answer ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com +noall +answer ;; global options: +cmd redhat.com. 60 IN A 209.132.183.81
3. Query MX Records Using dig -t MX
To query MX records, pass MX as an argument to the dig command as shown below.
$ dig redhat.com MX +noall +answer ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com MX +noall +answer ;; global options: +cmd redhat.com. 513 IN MX 5 mx1.redhat.com. redhat.com. 513 IN MX 10 mx2.redhat.com.
You can also use option -t to pass the query type (for example: MX) as shown below.
$ dig -t MX redhat.com +noall +answer ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> -t MX redhat.com +noall +answer ;; global options: +cmd redhat.com. 489 IN MX 10 mx2.redhat.com. redhat.com. 489 IN MX 5 mx1.redhat.com.
4. Query NS Records Using dig -t NS
To query the NS record use the type NS as shown below.
$ dig redhat.com NS +noall +answer ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com NS +noall +answer ;; global options: +cmd redhat.com. 558 IN NS ns2.redhat.com. redhat.com. 558 IN NS ns1.redhat.com. redhat.com. 558 IN NS ns3.redhat.com. redhat.com. 558 IN NS ns4.redhat.com.
You can also use option -t to pass the query type (for example: NS) as shown below.
$ dig -t NS redhat.com +noall +answer ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> -t NS redhat.com +noall +answer ;; global options: +cmd redhat.com. 543 IN NS ns4.redhat.com. redhat.com. 543 IN NS ns1.redhat.com. redhat.com. 543 IN NS ns3.redhat.com. redhat.com. 543 IN NS ns2.redhat.com.
5. View ALL DNS Records Types Using dig -t ANY
To view all the record types (A, MX, NS, etc.), use ANY as the record type as shown below.
$ dig redhat.com ANY +noall +answer ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com ANY +noall +answer ;; global options: +cmd redhat.com. 430 IN MX 5 mx1.redhat.com. redhat.com. 430 IN MX 10 mx2.redhat.com. redhat.com. 521 IN NS ns3.redhat.com. redhat.com. 521 IN NS ns1.redhat.com. redhat.com. 521 IN NS ns4.redhat.com. redhat.com. 521 IN NS ns2.redhat.com.
(or) Use -t ANY
$ dig -t ANY redhat.com +noall +answer ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> -t ANY redhat.com +noall +answer ;; global options: +cmd redhat.com. 367 IN MX 10 mx2.redhat.com. redhat.com. 367 IN MX 5 mx1.redhat.com. redhat.com. 458 IN NS ns4.redhat.com. redhat.com. 458 IN NS ns1.redhat.com. redhat.com. 458 IN NS ns2.redhat.com. redhat.com. 458 IN NS ns3.redhat.com.
6. View Short Output Using dig +short
To view just the ip-address of a web site (i.e the A record), use the short form option as shown below.
$ dig redhat.com +short 209.132.183.81
You can also specify a record type that you want to view with the +short option.
$ dig redhat.com ns +short ns2.redhat.com. ns3.redhat.com. ns1.redhat.com. ns4.redhat.com.
7. DNS Reverse Look-up Using dig -x
To perform a DNS reverse look up using the ip-address using dig -x as shown below
For example, if you just have an external ip-address and would like to know the website that belongs to it, do the following.
$ dig -x 209.132.183.81 +short www.redhat.com.
To view the full details of the DNS reverse look-up, remove the +short option.
$ dig -x 209.132.183.81 ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> -x 209.132.183.81 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62435 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 3 ;; QUESTION SECTION: ;81.183.132.209.in-addr.arpa. IN PTR ;; ANSWER SECTION: 81.183.132.209.in-addr.arpa. 600 IN PTR www.redhat.com. ;; AUTHORITY SECTION: 183.132.209.in-addr.arpa. 248 IN NS ns2.redhat.com. 183.132.209.in-addr.arpa. 248 IN NS ns1.redhat.com. 183.132.209.in-addr.arpa. 248 IN NS ns3.redhat.com. 183.132.209.in-addr.arpa. 248 IN NS ns4.redhat.com. ;; ADDITIONAL SECTION: ns1.redhat.com. 363 IN A 209.132.186.218 ns2.redhat.com. 363 IN A 209.132.183.2 ns3.redhat.com. 363 IN A 209.132.176.100 ;; Query time: 35 msec ;; SERVER: 209.144.50.138#53(209.144.50.138) ;; WHEN: Thu Jan 12 10:15:00 2012 ;; MSG SIZE rcvd: 193
8. Use a Specific DNS server Using dig @dnsserver
By default dig uses the DNS servers defined in your /etc/resolv.conf file.
If you like to use a different DNS server to perform the query, specify it in the command line as @dnsserver.
The following example uses ns1.redhat.com as the DNS server to get the answer (instead of using the DNS servers from the /etc/resolv.conf file).
$ dig @ns1.redhat.com redhat.com ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> @ns1.redhat.com redhat.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20963 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;redhat.com. IN A ;; ANSWER SECTION: redhat.com. 60 IN A 209.132.183.81 ;; AUTHORITY SECTION: redhat.com. 600 IN NS ns1.redhat.com. redhat.com. 600 IN NS ns4.redhat.com. redhat.com. 600 IN NS ns3.redhat.com. redhat.com. 600 IN NS ns2.redhat.com. ;; ADDITIONAL SECTION: ns1.redhat.com. 600 IN A 209.132.186.218 ns2.redhat.com. 600 IN A 209.132.183.2 ns3.redhat.com. 600 IN A 209.132.176.100 ns4.redhat.com. 600 IN A 209.132.188.218 ;; Query time: 160 msec ;; SERVER: 209.132.186.218#53(209.132.186.218) ;; WHEN: Thu Jan 12 10:22:11 2012 ;; MSG SIZE rcvd: 180
9. Bulk DNS Query Using dig -f (and command line)
Query multiple websites using a data file:
You can perform a bulk DNS query based on the data from a file.
First, create a sample names.txt file that contains the website that you want to query.
$ vi names.txt redhat.com centos.org
Next, execute dig -f as shown below, which will perform DNS query for the websites listed in the names.txt file and display the output.
$ dig -f names.txt +noall +answer redhat.com. 60 IN A 209.132.183.81 centos.org. 60 IN A 72.232.194.162
You can also combine record type with the -f option. The following example displays the MX records of multiple websites that are located in the names.txt file.
$ dig -f names.txt MX +noall +answer redhat.com. 600 IN MX 10 mx2.redhat.com. redhat.com. 600 IN MX 5 mx1.redhat.com. centos.org. 3600 IN MX 10 mail.centos.org.
Query multiple websites from dig command line:
You can also query multiple websites from the dig command line as shown below. The following example queries MX record for redhat.com, and NS record for centos.org from the command line
$ dig redhat.com mx +noall +answer centos.org ns +noall +answer ; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> redhat.com mx +noall +answer centos.org ns +noall +answer ;; global options: +cmd redhat.com. 332 IN MX 10 mx2.redhat.com. redhat.com. 332 IN MX 5 mx1.redhat.com. centos.org. 3778 IN NS ns3.centos.org. centos.org. 3778 IN NS ns4.centos.org. centos.org. 3778 IN NS ns1.centos.org.
10. Use $HOME/.digrc File to Store Default dig Options
If you are always trying to view only the ANSWER section of the dig output, you don’t have to keep typing “+noall +answer” on your every dig command. Instead, add your dig options to the .digrc file as shown below.
$ cat $HOME/.digrc +noall +answer
Now anytime you execute dig command, it will always use +noall and +answer options by default. Now the dig command line became very simple and easy to read without you have to type those options every time.
$ dig redhat.com redhat.com. 60 IN A 209.132.183.81 $ dig redhat.com MX redhat.com. 52 IN MX 5 mx1.redhat.com. redhat.com. 52 IN MX 10 mx2.redhat.com.
My name is Ramesh Natarajan. I will be posting instruction guides, how-to, troubleshooting tips and tricks on Linux, database, hardware, security and web. My focus is to write articles that will either teach you or help you resolve a problem. Read more about
Comments on this entry are closed.
Instructive article… wish you published it weeks ago when I wrote digy which is a tutorial script that simplifies, yet extends, dig.
digy tames the DNS utility dig with reasonable options and error handling (which is otherwise cryptic or non-existent). Emphasis on readability of output. Also gets WAN public IP address, checks local network status, and discovers who is behind sites: check here for the latest version.
It has some illustrative examples to get started. The output is designed for further processing by other commands. digy also eliminates the need (#10) to set up a .digrc file because the most useful options are built-in 🙂
excellent!
Thanks for the good article.
It would be good if you write an article about dns server installation too.
if my dns is not resolving ,, mean dig is not working… then how should is troubleshoot.
plz explain the problem areas of dns also…
and write an article on . “how to prepare good dns server”
Thanks for the artivle really helpful in getting nameservers of domains
@Ramesh
u did a dig on dig 🙂
gud
Hi,
Very nice article
Thanks
Excellent dig summary!
Thank you very much!
Good article..!! For digging 😉
Nice article really has shaped my dig understanding
A nice informative articles even for beginners 🙂
I really “dig” this tutorial. Very practical stuff here. There are so many ways to do tasks.
Does any one else have the same problem as myself?
dig google.com
Does not return ‘authority’ section anymore.
Even with googles own free DNS
dig @8.8.8.8 google.com
If you get ‘authority’ section in your results, can you please post what is your isp, and dns servers?
And no, I don’t have a ‘~/.digrc’
Ash
Explained very nicely
thx
I liked hearing that you can perform bulk DNS look-ups through a text file with dig (a command I just learned about today.) I hope to learn more useful commands where you can ( query, find, manipulate, or whatever) info that’s in a text file on the command line in Linux.
Great article: Informative. Clear. Usable.
Excellent. Thankyou very much for this article 🙂
what is ns (name server) ???? what its use..
Excellent, Ramesh, thank you very much!
hum, nice tips. you have saved me loads of time with all these commands. Thanks
Wonderful.
I prefer using the below
dig +noall +nocmd example.com +answerThis gives the cleanest output.
Simple and clear information ! —-thank you
As much as this tutorial is nice, it does not explain what the output actually is telling someone. I guess there is an assumption that the person reading knows what “MX” means.
.digrc tip FTW! Thanks
M@
Thank you very much. This is what I needed to really start using the dig command.
Hi there , thanks you for this tutorial more than great . One of the best I’ve ever seen so far .
You’re the only person who explains -t is optional.